Skip to content

Commit

Permalink
fix: correctly validate package/realm path (gnolang#1813)
Browse files Browse the repository at this point in the history 
The regex pattern used for package/realm path validation is incorrect.
Currently, it allows paths with special characters and empty path parts,

Fixed it.

BREAKING CHANGE:
- Special characters are disallowed
- Cannot have trailing slash(s)
- Cannot have empty path part
- Cannot have solely `_`[underscore(s)] in path
  • Loading branch information
@harry-hov
harry-hov committed Apr 17, 2024
1 parent 3297d0c commit 0c2d51e
Show file tree
Hide file tree
Showing 2 changed files with 150 additions and 3 deletions.
4 changes: 1 addition & 3 deletions tm2/pkg/std/memfile.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,9 @@ func (mempkg *MemPackage) IsEmpty() bool {
return len(mempkg.Files) == 0
}

const rePathPart = `[a-z][a-z0-9_]*`

var (
rePkgName = regexp.MustCompile(`^[a-z][a-z0-9_]*$`)
rePkgOrRlmPath = regexp.MustCompile(`gno\.land/(?:p|r)(?:/` + rePathPart + `)+`)
rePkgOrRlmPath = regexp.MustCompile(`^gno\.land\/(?:p|r)(?:\/_?[a-z]+[a-z0-9_]*)+$`)
reFileName = regexp.MustCompile(`^([a-zA-Z0-9_]*\.[a-z0-9_\.]*|LICENSE|README)$`)
)

Expand Down
149 changes: 149 additions & 0 deletions tm2/pkg/std/memfile_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,3 +51,152 @@ func TestMemPackage_Validate(t *testing.T) {
})
}
}

func TestRePkgOrRlmPath(t *testing.T) {
t.Parallel()

testTable := []struct {
desc, in string
expected bool
}{
{
desc: "Valid p",
in: "gno.land/p/path/path",
expected: true,
},
{
desc: "Valid r",
in: "gno.land/r/path/path",
expected: true,
},
{
desc: "Leading Underscore",
in: "gno.land/r/path/_path",
expected: true,
},
{
desc: "Trailing Underscore",
in: "gno.land/r/path/path_",
expected: true,
},
{
desc: "Underscore in Between",
in: "gno.land/r/path/p_ath",
expected: true,
},
{
desc: "Invalid With Underscore 1",
in: "gno.land/r/path/_",
expected: false,
},
{
desc: "Invalid With Underscore 2",
in: "gno.land/r/path/_/_",
expected: false,
},
{
desc: "Invalid With Underscore 3",
in: "gno.land/r/path/__/path",
expected: false,
},
{
desc: "Invalid With Hyphen",
in: "gno.land/r/path/pa-th",
expected: false,
},
{
desc: "Invalid x",
in: "gno.land/x/path/path",
expected: false,
},
{
desc: "Missing Path 1",
in: "gno.land/p",
expected: false,
},
{
desc: "Missing Path 2",
in: "gno.land/p/",
expected: false,
},
{
desc: "Invalid domain",
in: "github.com/p/path/path",
expected: false,
},
{
desc: "Special Character 1",
in: "gno.land/p/p@th/abc/def",
expected: false,
},
{
desc: "Special Character 2",
in: "gno.land/p/p&th/abc/def",
expected: false,
},
{
desc: "Special Character 3",
in: "gno.land/p/p&%$#h/abc/def",
expected: false,
},
{
desc: "Leading Number",
in: "gno.land/p/1Path/abc/def",
expected: false,
},
{
desc: "Uppercase Letters",
in: "gno.land/p/PaTh/abc/def",
expected: false,
},
{
desc: "Empty Path Part",
in: "gno.land/p/path//def",
expected: false,
},
{
desc: "Trailing Slash",
in: "gno.land/p/path/abc/def/",
expected: false,
},
{
desc: "Extra Slash(s)",
in: "gno.land/p/path///abc/def",
expected: false,
},
{
desc: "Valid Long path",
in: "gno.land/r/very/very/very/long/path",
expected: true,
},
{
desc: "Long Path With Special Character 1",
in: "gno.land/r/very/very/very/long/p@th",
expected: false,
},
{
desc: "Long Path With Special Character 2",
in: "gno.land/r/very/very/v%ry/long/path",
expected: false,
},
{
desc: "Long Path With Trailing Slash",
in: "gno.land/r/very/very/very/long/path/",
expected: false,
},
{
desc: "Long Path With Empty Path Part",
in: "gno.land/r/very/very/very//long/path/",
expected: false,
},
}

for _, tc := range testTable {
tc := tc
t.Run(tc.desc, func(t *testing.T) {
t.Parallel()

assert.Equal(t, tc.expected, rePkgOrRlmPath.MatchString(tc.in))
})
}
}

0 comments on commit 0c2d51e

Please sign in to comment.